Postgres - permission denied on updating pg_catalog.pg_cast
I want to update pg_catalog.pg_cast from a restricted user (on Postgres 9.3).
However, running the query I need:
update pg_cast set castcontext = 'i' where oid in (select c.oid from pg_cast c inner join pg_type src on src.oid = c.castsource inner join pg_type tgt on tgt.oid = c.casttarget where src.typname like 'int%' and tgt.typname like 'bool%');
ends with the error:
ERROR: permission denied for relation pg_cast
However, the privileges seem to be set correctly. See the steps I did, from DB and user creation until the query:
psql -c "create database test1 WITH ENCODING 'UTF8' LC_COLLATE='en_GB.UTF8' LC_CTYPE='en_GB.UTF8' TEMPLATE=template0;" -U postgres
psql -U postgres test1;
test1=# CREATE USER test1 PASSWORD 'test1';
test1=# GRANT ALL ON SCHEMA public TO test1;
test1=# GRANT ALL ON ALL TABLES IN SCHEMA public TO test1;
test1=# GRANT SELECT ON TABLE pg_catalog.pg_cast TO test1;
test1=# GRANT SELECT ON TABLE pg_catalog.pg_type TO test1;
test1=# GRANT UPDATE ON TABLE pg_catalog.pg_cast TO test1;
test1=# \q
sudo service postgresql-9.3 restart
PGPASSWORD=test1;psql -U test1 test1
test1=> \z pg_catalog.pg_cast
Access privileges
Schema | Name | Type | Access privileges | Column access privileges
------------+---------+-------+-------------------+--------------------------
pg_catalog | pg_cast | table | =r/postgres +|
| | | test1=rw/postgres |
(1 row)
test1=> \z pg_catalog.pg_type
Access privileges
Schema | Name | Type | Access privileges | Column access privileges
------------+---------+-------+-------------------+--------------------------
pg_catalog | pg_type | table | =r/postgres +|
| | | test1=r/postgres |
(1 row)
test1=> SELECT grantee, privilege_type FROM information_schema.role_table_grants WHERE table_name='pg_cast';
grantee | privilege_type
---------+----------------
test1 | SELECT
test1 | UPDATE
(2 rows)
test1=> update pg_cast set castcontext = 'i' where oid in (select c.oid from pg_cast c inner join pg_type src on src.oid = c.castsource inner join pg_type tgt on tgt.oid = c.casttarget where src.typname like 'int%' and tgt.typname like 'bool%');
ERROR: permission denied for relation pg_cast
What more should I do in order to be able to execute the query with the test1 user? Thanks.
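Thanks, I was not aware of that. So I ended up with a solution of updating the catalog (done by a privileged user) and restricting the application user to read-only access.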
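The split described in the last comment, as an added example that is not part of the original thread: PostgreSQL does not let a non-superuser role modify system catalogs even when UPDATE has been granted on them, which matches the error above, so the one-off catalog change is run by the superuser and test1 keeps read access only. It assumes the script is run as postgres in database test1 and reuses the names from the question.

```sql
-- Added example: run as the superuser (postgres) while connected to test1.
-- pg_cast is a per-database catalog, so the change applies to test1 only.
BEGIN;

-- Preview exactly which casts the UPDATE is about to change.
SELECT c.oid, src.typname AS source_type, tgt.typname AS target_type,
       c.castcontext
FROM pg_catalog.pg_cast c
JOIN pg_catalog.pg_type src ON src.oid = c.castsource
JOIN pg_catalog.pg_type tgt ON tgt.oid = c.casttarget
WHERE src.typname LIKE 'int%'
  AND tgt.typname LIKE 'bool%';

-- The catalog change from the question, performed by the privileged role.
UPDATE pg_catalog.pg_cast
SET castcontext = 'i'
WHERE oid IN (
    SELECT c.oid
    FROM pg_catalog.pg_cast c
    JOIN pg_catalog.pg_type src ON src.oid = c.castsource
    JOIN pg_catalog.pg_type tgt ON tgt.oid = c.casttarget
    WHERE src.typname LIKE 'int%'
      AND tgt.typname LIKE 'bool%'
);

-- Drop the UPDATE grant that never took effect for the application role,
-- so the ACL shown by \z reflects what test1 can really do.
REVOKE UPDATE ON TABLE pg_catalog.pg_cast FROM test1;

COMMIT;

-- Verify the resulting state: expect can_select = t and can_update = f.
SELECT has_table_privilege('test1', 'pg_catalog.pg_cast', 'SELECT') AS can_select,
       has_table_privilege('test1', 'pg_catalog.pg_cast', 'UPDATE') AS can_update;
```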